A vulnerability, which was classified as critical, has been found in Google Android (Smartphone Operating System) (unknown version). This issue affects an unknown code block of the component Qualcomm. Applying a patch is able to eliminate this problem.
AgileBits 1Password through 220.127.116.110 allows security feature bypass
A vulnerability was found in D-Link DIR-868L (Router Operating System). It has been rated as critical. This issue affects an unknown function of the file authentication.cgi. Upgrading to version v1.21SHCb03 eliminates this vulnerability.
Ansible prior to 1.5.4 mishandles the evaluation of some strings.
A vulnerability classified as critical has been found in Asus RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, RT-AC3100, RT-AC87U, RT-AC3200 and RT-AC5300. Affected is an unknown functionality of the file Main_Analysis_Content.asp. Upgrading eliminates this vulnerability.
The update process in Xmind 3.4.1 and earlier allow remote attackers to execute arbitrary code via a man-in-the-middle attack.
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface
A vulnerability was found in WP Security Audit Log Plugin 3.1.1 on WordPress (WordPress Plugin) and classified as problematic. This issue affects some unknown functionality of the file wp-content/uploads/wp-security-audit-log/. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
A vulnerability was found in Foreman up to 1.16.0 (Service Management Software) and classified as problematic. Affected by this issue is an unknown function. Upgrading to version 1.16.1 eliminates this vulnerability. A possible mitigation has been published 7 months after the disclosure of the vulnerability.
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic.
A vulnerability, which was classified as critical, has been found in McAfee Network Security Management up to 8.2.7. Affected by this issue is some unknown functionality of the component Web Interface. Upgrading to version 18.104.22.168.2 eliminates this vulnerability.
SpagoBI before 4.1 has Privilege Escalation via an error in the AdapterHTTP script
Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability
A vulnerability was found in Google Android (Smartphone Operating System) (the affected version is unknown). It has been declared as critical. This vulnerability affects the function nfc_hci_cmd_received() of the file core.c. Applying a patch is able to eliminate this problem.
An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine.